class PostsController < ApplicationController
  before_action :set_post, only: [:show, :edit, :update, :destroy]
  #load_and_authorize_resource :post

  #当applicationController中使用了check_authorization时需要在控制器中使用此
  skip_authorization_check :only => [:index, :show]

  def initialize
    super
    @blog_sorts = BlogSort.where("posts_count >= ?",0)

  end

  # GET /posts
  # GET /posts.json
  def index
    @posts ||= Post.all
    @blog_sorts ||= BlogSort.all
  end

  # GET /posts/1
  # GET /posts/1.json
  def show
    @related_posts = Post.all

  end
  #按照分类查询博客
  def classified_query
    @posts =  Post.where(blog_sort_id:  params[:id])
    @active = params[:id]
    render :index
  end
  #动作："推荐阅读"博客
  #业务：最新发表的博客
  def recommended_reading
    @posts = Post.last(10)
    render "posts/index", layout: "application"
  end

  private
    # Use callbacks to share common setup or constraints between actions.
    def set_post
      @post = Post.find(params[:id])
    end

    # Never trust parameters from the scary internet, only allow the white list through.
    def post_params
      params.require(:post).permit(:title, :author, :content)
    end


end
